ICO fines Police Scotland over phone data disclosure
Regulatory/Legal Action
Summary
Hide ▲
Show ▼
The ICO fined Police Scotland £66,000 and reprimanded the force for a data protection failure that exposed a female officer’s phone contents to a colleague she accused of rape. The penalty matters because the disclosure included medical records, intimate photos, and contact details, widening the harm beyond the original misconduct probe. Police Scotland also failed to report the breach within 72 hours. The action shows how mishandling highly sensitive police records can trigger enforcement under data-protection law.
Related Happenings
ICO formal caution in Princess of Wales records case
Regulatory/Legal Action
H score28
First: 18.06.2026 17:45
Last: 18.06.2026 17:45
Sources 1
About this happening:
The **ICO** issued a **formal caution** to a **former London healthcare professional** under **section 170(5)** after reviewing prosecution criteria in a case involving the **Prin...
ICO formal caution in Princess of Wales records case
Regulatory/Legal ActionAbout this happening: The **ICO** issued a **formal caution** to a **former London healthcare professional** under **section 170(5)** after reviewing prosecution criteria in a case involving the **Prin...
ICO fine against South Staffordshire Water for data breach
Regulatory/Legal Action
H score69
First: 12.05.2026 11:30
Last: 12.05.2026 11:30
Sources 1
About this happening:
The **ICO** finalized a **nearly £1m** penalty against **South Staffordshire Water** and **South Staffordshire PLC**, resolving a cyber enforcement action tied to a breach that ex...
ICO fine against South Staffordshire Water for data breach
Regulatory/Legal ActionAbout this happening: The **ICO** finalized a **nearly £1m** penalty against **South Staffordshire Water** and **South Staffordshire PLC**, resolving a cyber enforcement action tied to a breach that ex...
Police Scotland disclosure of female officer phone contents
Data Leak
H score32
First: 12.03.2026 12:30
Last: 12.03.2026 12:30
Sources 1
How related:
The phone data – which reportedly included medical records, intimate photos and friends and family contact details – was erroneously passed to the officer under investigation.
About this happening:
**Police Scotland** exposed a female officer’s phone contents to an unauthorized colleague, leaking **medical records**, **intimate photos**, and **contact details**. The disclosu...
Police Scotland disclosure of female officer phone contents
Data LeakHow related: The phone data – which reportedly included medical records, intimate photos and friends and family contact details – was erroneously passed to the officer under investigation.
About this happening: **Police Scotland** exposed a female officer’s phone contents to an unauthorized colleague, leaking **medical records**, **intimate photos**, and **contact details**. The disclosu...
UK Information Commissioner’s Office (ICO) Issued a fine for GDPR non-compliance on Failure to use robust age verification and conduct a DPIA for children’s data
Regulatory/Legal Action
H score26
First: 25.02.2026 11:40
Last: 25.02.2026 11:40
Sources 1
About this happening:
The **ICO** fined **Reddit** **£14.47m ($19.6m)** for **GDPR non-compliance**, escalating child-data enforcement risk for online platforms that can be reached by **under-13 users*...
UK Information Commissioner’s Office (ICO) Issued a fine for GDPR non-compliance on Failure to use robust age verification and conduct a DPIA for children’s data
Regulatory/Legal ActionAbout this happening: The **ICO** fined **Reddit** **£14.47m ($19.6m)** for **GDPR non-compliance**, escalating child-data enforcement risk for online platforms that can be reached by **under-13 users*...
ICO fines Reddit for child data protection failures
Regulatory/Legal Action
H score25
First: 24.02.2026 16:54
Last: 24.02.2026 16:54
Sources 1
About this happening:
The **UK Information Commissioner's Office (ICO)** fined **Reddit** **£14.47 million** for collecting and using **children under 13**'s personal information without adequate safeg...
ICO fines Reddit for child data protection failures
Regulatory/Legal ActionAbout this happening: The **UK Information Commissioner's Office (ICO)** fined **Reddit** **£14.47 million** for collecting and using **children under 13**'s personal information without adequate safeg...
Timeline
-
12.03.2026 12:30 2 articles · 3mo ago
ICO fines Police Scotland over phone data disclosure
Legal Policy Action UpdateThe Information Commissioner’s Office fined Police Scotland £66,000 and reprimanded the force after finding that it shared the full contents of a female officer’s phone with a colleague she had accused of rape, including medical records, intimate photos, and family contact details. The regulator said the disclosure arose from an internal officer misconduct investigation that spanned several months in early 2021, and that Police Scotland also failed to notify it within the required 72 hours. The victim was first told about the disclosure in June 2022, later complained to the ICO, and the regulator began its investigation in May 2023.
Show sources
- Police Scotland Fined After Sharing Victim’s Phone Data — www.infosecurity-magazine.com — 12.03.2026 12:30
- Police Scotland Fined After Sharing Victim’s Phone Data — www.infosecurity-magazine.com — 12.03.2026 12:30